aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sm/ChangeLog6
-rw-r--r--sm/certchain.c5
2 files changed, 9 insertions, 2 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog
index feef043ef..928611eb8 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,9 @@
+2004-10-08 Moritz Schulte <[email protected]>
+
+ * certchain.c (gpgsm_validate_chain): Do not use keydb_new() in
+ case the no_chain_validation-return-short-cut is used (fixes
+ memory leak).
+
2004-10-04 Werner Koch <[email protected]>
* misc.c (setup_pinentry_env): Try hard to set a default for GPG_TTY.
diff --git a/sm/certchain.c b/sm/certchain.c
index ad30a36e1..c51327e0d 100644
--- a/sm/certchain.c
+++ b/sm/certchain.c
@@ -534,7 +534,7 @@ gpgsm_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
int rc = 0, depth = 0, maxdepth;
char *issuer = NULL;
char *subject = NULL;
- KEYDB_HANDLE kh = keydb_new (0);
+ KEYDB_HANDLE kh = NULL;
ksba_cert_t subject_cert = NULL, issuer_cert = NULL;
ksba_isotime_t current_time;
ksba_isotime_t exptime;
@@ -555,7 +555,8 @@ gpgsm_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
log_info ("WARNING: bypassing certificate chain validation\n");
return 0;
}
-
+
+ kh = keydb_new (0);
if (!kh)
{
log_error (_("failed to allocated keyDB handle\n"));
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-01 09:22:58 +0000